5.0
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for Windows-Based View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring SSL Certificates for View Servers
- Configuring SSL Certificates for View Connection Server and Security Server
- Configuring SSL Certificates for View Transfer Server
- Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server
- Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
- Generate a Self-Signed Certificate for View Transfer Server
- Configure a View Transfer Server Instance to Use a Certificate
- Configure SSL for View Transfer Server Communications
- Configuring Certificate Checking in View Client for Windows
- Appendix: Additional SSL Configuration Tasks
- Creating an Event Database
- Installing and Starting View Client
- Index
Configure SSL for View Transfer Server Communications
To configure whether SSL is used for communications and data transfers between client computers that host
local desktops and View Transfer Server, you set View Connection Server settings in View Administrator.
The SSL settings for View Transfer Server communications and data transfers are specific to a single View
Connection Server instance. You might want to enable SSL on an instance that services users that connect from
the Internet, but disable it on an instance that is dedicated to internal users.
SSL is disabled by default for View Transfer Server communications and data transfers.
NOTE These SSL settings do not affect local data, which is always encrypted.
Procedure
1 In View Administrator, select View Configuration > Servers.
2 Select the View Connection Server instance and click Edit.
3 To configure SSL for communications and data transfers between client computers that host local desktops
and View Transfer Server, select or deselect Use SSL for Local Mode operations.
These operations include checking in and checking out desktops and replicating data from client
computers to the datacenter.
4 To configure SSL for transfers of View Composer base-image files from the Transfer Server repository to
client computers that host local desktops, select or deselect Use SSL when provisioning desktops in Local
Mode.
5 Click OK to save your changes.
Your changes take effect immediately. You do not need to restart the View Transfer Server service.
Configuring Certificate Checking in View Client for Windows
You can use a security-related group policy setting in the View Client Configuration ADM template file
(vdm_client.adm) to configure SSL server certificate checking in the Windows-based View Client.
Certificate checking occurs if you configure View Connection Server to require SSL connections for client
connections or for connections to View Administrator. Certificate verification includes all the following checks:
n
Has the certificate been revoked? Is it possible to determine whether the certificate has been revoked?
n
Is the certificate intended for a purpose other than verifying the identity of the sender and encrypting
server communications? That is, is it the correct type of certificate?
n
Has the certificate expired, or is it valid only in the future? That is, is the certificate valid according to the
computer clock?
n
Does the common name on the certificate match the host name of the server that sends it? A mismatch
can occur is if a load balancer redirects the View client to a server with a certificate that does not match
the host name the user entered. Another reason a mismatch can occur is if the user enters an IP address
rather than a host name in the client.
n
Is the certificate signed by an unknown or untrusted certificate authority (CA)? Self-signed certificates are
one type of untrusted CA.
To pass this check, the certificate's chain of trust must be rooted in the device's local certificate store.
Chapter 7 Configuring SSL Certificates for View Servers
VMware, Inc. 87